Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

While people may like privacy, if, as Scott says, you don't have any anyway, then there's two ways society can go - towards a big-brother like police state, or a much nicer alternative outlined by David Brin, in his book "The Transparent Society", the first chapter of which is available on-line at www.kithrup.com/brin/trans_chap1.htm [kithrup.com]
Basically, he says that if the police/government/freemasons/etc can watch your every move, we'd better make sure that we are free to watch their every move too...

You may be correct in saying that privacy is a socially constructed right, though I can imagine a few arguments to the contrary (along the lines of "no peeking in my cave").

Your predictions about a future "sane," privacy-free society, however, are ludicrous. We already have (had) an example of that society. It was called Soviet Russia. If you sincerely believe that it is possible to have any sort of sane existence in such a society, I highly recommend that you go live in one for a while. Unfortunately the Soviet Empire no longer exists in quite that form, but there are a few other places that are close: China, possibly Cuba, and several others. Go read Arthur Koestler's "Darkness At Noon," then think about it for a while. Unless you have firsthand experience with the logical extremes to which your ideas lead, I would consider your post an ultra-naive troll at best.

And before you flame off a response, I was born in Russia and immigrated to the U.S. twenty years ago, so I have a pretty good idea of how things really work in both places.

-HR

p.s. You may also want to think about the fact that if the situation were reversed, i.e. you lived in a place which had no privacy, and you publicly and severely criticized several of the fundamental principles of that place as you've done here, you could very well be tracked down and hauled off to prison for your post. {sarcasm} On the other hand, I'd never have to hear from you again, so maybe it wouldn't be such a bad thing after all... {/sarcasm}

McNealy says he lets a company track his car's every move with GPS, so they know where to get him if his airbag deploys. But that doesn't require tracking every move--all it requires is sending the location if and only if the airbag deploys.

Similarly, the FBI insisted on tracking the location of cellphone users, on the justification that they could be found if they dialed 911. But the cellphone, too, could send its location only upon dialing 911.

In another editorial in the tech press, a writer recently argued for tollbooths collecting an ID from everyone who passes through. At the cost of a privacy loss, you don't have to wait at the booth. But in Europe, they're using an anonymous digital cash system to get the same benefit, without tracking people's movements.

I'm suspicious of people who argue for massive privacy violation, for the sake of benefits that can be obtained without such violation. It makes me wonder what they're really up to.

You're either inattentive or severely disingenuous. If you'd bothered to read a little further in the summary of that same opinion, you'd see the majority opinion, i.e., the opinion that actually counts:

Anonymous pamphlets, leaflets, brochures and even books have played an important role in the progress of mankind. Persecuted groups and sects from time to time throughout history have been able to criticize oppressive practices and laws either anonymously or not at all. The obnoxious press licensing law of England, which was also
enforced on the Colonies was due in part to the knowledge that exposure of the names of printers, writers and distributors would lessen the circulation of literature critical of the government.

and finally:

We have recently had occasion to hold in two cases that there are times and circumstances when States may not compel members of groups engaged in the dissemination of ideas to be publicly identified. Bates v. Little Rock, 361 U.S. 516; N. A. A. C. P. v. Alabama, 357
U.S. 449, 462. The reason for those holdings was that identification and fear of reprisal might deter perfectly peaceful discussions of public matters of importance. This broad Los Angeles ordinance is subject to the same infirmity. We hold that it, like the Griffin, Georgia, ordinance, is void on its face.

I'm quite surprised that there hasn't been an attempt from the private sector to create a complete database of personal information similar to records kept by various government agencies.

With cameras in supermarkets tracking what people look at, various security cameras and microphones posted around cities, car tracking systems, software registration system, huge mailing lists, and other monitoring, a well funded company should be able to track virtually every person in the US from 18 (or younger) to death.

I can imagine voice and face recognition systems identifying unknown individuals and entering them into a system. Various conversations recorded with others that would pick up information about their name and other vital information. Taste in music, movies, clothes and what have you can be obtained via various department store camaras.

You could track friends and form associations between individuals. Even with minimal monitoring a company could get a wealth of information about a person.

Once home networks become popular, chips in your CD player or receiver (or a combination) could report how loud music you are playing is and you could automatically be billed if your neighbors can hear the music (public performance) or if more than a certain number of people are at your house.

Of course, there are a lot of good that could be accomplished with this information as well. Advertisements that come would be tailored to you so junk mail you are not interested in would cease to exist (track comments about items you made in a department store about a TV for instance).

Of course there are legal issues that would need to be removed. I could see this company acting as a proxy for all other companies to collect personal information. If Sun, for example, wanted to mail everyone who had blue eyes between 20 and 30 years old with at least $40,000 in the bank working in the tech industry about a new monitor made for blue eyed people, they could hand over the mail to this proxy company to send out instead. That would avoid the need to transfer the personal information between companies.

McNealy says some disingenuous things and some wrong things, glossing over points left and right to make his flimsy argument.

Any company that doesn't properly safeguard people's personal information will suffer the same fate as a bank that doesn't safeguard people's money.

Safeguarding money is the primary thing you expect a bank to do, so your decision of a bank will be based on its ability to keep your money safe for you. Privacy is rarely one's primary concern in picking a company. Most people will pick a privacy-violating company to save a couple of bucks, to the point that companies with fair privacy policies will be playing at a disadvantage.

Take medical records. If you're in an accident, do you want an ambulance driver to be able to access your medical records online? I think you do.

Yes. That does not imply that I want my medical records on the public Internet. Here's a better idea: carry your medical history around on a (possibly electronic) tag, physically on your body. If you're in a wreck, the ambulance driver can scan the tag to find your medications, allergies, etc., but no cracker or spammer can steal or buy your information without physically approaching you.

Even if I did want my medical records on the Internet, that doesn't mean I want my buying habits, my physical location, and my web-browsing preferences tracked, too.

One of the chief benefits, to use a more routine example, is personalized service. In exchange for a little information, you can get an online experience that's more in tune with your interests and needs.

Keep it optional, and only collect the information you need. Merchant sites shouldn't need me to establish an account and shouldn't remember my address and credit card number unless I ask them to. A portal site doesn't need your e-mail address or a clicktrail just to display a stock quote or a weather map. Many people are willing to trade convenience for privacy -- just because McNealy isn't doesn't mean the entire industry should follow his suggestions.

I have agreed to let my car company, for instance, track my every move through GPS satellites.

GPS is a lovely system in that only you know your location. OnStar (or whatever similar system) only reveals your location through its cellular-network connection. GPS itself is excellent from a privacy standpoint.

I find it comforting to know that, should my air bag deploy, they know where I am and can send help.

Obviously, you should only have to reveal your location if your air bag deploys. Unless you crash or specifically ask for directions, your car manufacturer has no reason and no right to know your location.

Someday soon you could find yourself in a strange city and your Web-enabled wireless phone will be able to recommend a nearby restaurant based on your fondness for French, Italian or Mexican cuisine

Slow down, cowboy. I'd rather not share my food-purchasing habits with just anyone within cell-phone range, just so that restaurants who want my business can spam me with "click here to make a reservation" ads. The right way to do this is to have my GPS-enabled phone do a search for "Mexican restaurant Boston" when you tell it to. I don't want every Mexican restaurant in Boston to start sending me pitches as soon as I get off the plane.

To put this in context: lots of people seem to think I'm interested in pyramid schemes, weight-loss programs, pornography, and laser printer supplies, at least judging by the contents of my e-mail inbox. Merchants are not very discerning about who they think will be interested in their ads.

Letting restaurants send my ads through my cell phone primarily benefits one entity: my cell phone provider. You can be sure that they'll charge a healthy fee per ad forwarded, even though it costs them essentially nothing. Your location is valuable information, and your cell phone provider has no right to discern it (let alone sell it!) without your permission.

most people would gladly reveal their personal preferences, as long as they feel certain the information won't be misused.

Do you suppose Scott has actually gone out and surveyed people, or do you think he's just speaking for himself? Again, I don't want Scott's windbag opinions dictating the service that companies offer me. Also: how does Scott propose to guarantee that information won't be misused? Companies violate (and change [amazon.com]) privacy policies all the time. Companies' credit-card databases get broken into. Does Scott have a magic bullet to fix these problems, or is he just dismissing them as irrelevant? I'm in no way "certain" that my private information is being safeguarded.

So far the industry has done a pretty good job of regulating itself.

Bull. Amazon changed its privacy policy without letting people opt out. eToys sold its customer list to the highest bidder. One company I deal with told me that they "do not, ever, sell customer lists to third parties except when it's legal to do so." Cute. When money talks, privacy walks.

Most companies now post formal privacy policies on their Web sites

Ten pages of dense legalese isn't very helpful. Privacy policies are rarely customizable in any meaningful way. I'd take a lower interest rate on my bank account in trade for the assurance that my banker isn't selling my banking habits to any credit merchant who asks, but I don't have that option. Posting a "we can screw you, here's how" policy isn't much help, even assuming that the company actually follows it and has no security breaches.

allow visitors to have a say in how information about them is used.

Is he talking about the "don't send me junk mail" opt-out check boxes, or about the not-yet-implemented P3P? Either way, it's a token gesture.

Maybe some enterprising magazine will start publishing an annual list of the companies with the best policies and practices. The Privacy 500,
perhaps.

Consumer Reports has started writing about privacy, and from their stories, the picture looks bleak. They've concluded that the best option is to complain publicly and lobby for legislation. Informing consumers isn't enough, because there aren't meaningful privacy options availble.

Ugly privacy policies I can't change, just off the top of my head: my grocery store tracks my purchases so that they can design store layout and coupons to compel me to buy more. My phone company tracks my calling habits to pitch long distance plans that I don't want. (And they typically call at 8:30AM with such pitches.) My credit cards all track my purchases and sell the information to merchants. My bank sells information about my mortgage so that third parties can try to sell me insurance. Many of the web sites I visit track my click-trails to find ways to manipulate me into spending more time at their site. Many web merchants that I buy from insist that establish an account before I can buy anything, and a few even remember my credit card even once the transaction is over. I'm currently healty, but once I have a medical record worth selling, I'm sure my health insurer will find someone to sell it to.

I should have the right to demand that information about me be protected while it's needed, destroyed when it's no longer needed, and never sold to third parties, ever.

McNealy raises an incredibly good point, and I suspect he entirely fails to notice it himself. He's a laissez-faire guy, right? He's bringing up the exact reason laissez-faire can't work.

It's impossible to have privacy- he's right about that. It reminds me of a Rex Stout ('Nero Wolfe') story I've read, in which the detective, Wolfe, is being consulted by a woman who claims someone is trying to kill her husband. Wolfe's response? "Go talk to police. I can't stop anyone from trying to kill your husband- killing a man is the easiest thing in the world. That is why we have the social contract to protect and defend each other- because the practical difficulty in killing a man is nil."

Well, it's the same with privacy- the practical difficulty in violating privacy is nil. Buy something, there's a record. Make a remark to somebody, there's a record. Make it by email- a spyable record! It's completely ridiculous to expect there to be technological, mechanical means to protect privacy. Privacy is a myth. You _can_ know pretty much whatever you want, to a greater or lesser extent. You could probably get Scott's credit card records if you had the money to pay for the process- go through banks, manufacture a likely reason why you'd need to audit them and no problem.

However, what people are really concerned about is not literal privacy. It is being singled out and attacked based on some cross-correlated weakness. If you have some gene out of place, or bought a friend a bottle of whisky before you left for a long road trip, you don't want to have your driver's license revoked. Maybe if you're very wise you want your car to go dead intentionally if you get behind the wheel while drunk, but you don't want it to go dead because someone in another state determined that your statistical likelihood of having an accident increased beyond acceptable limits: that would be a violation of a personal liberty based on an impersonal criterion.

By the same token, you don't want to be tracked down and killed/beaten up by gaybashers/basherbashers/Microsoft employees/opensource zealots/abortion activists/antiabortion activists/etc. There are loads of potential reasons why someone might want to injure or kill almost any specific person, and loss of privacy simply means that anyone with a serious bone to pick has the technical ability to hunt down any such target- just the same as, if you're cooking dinner and cutting up food with a knife, you technically have the ability to leap out and sink the knive into the chest of any or all of your dinner guests. But you don't... it's not about _ability_ to do such things, ability is assumed.

Loss of privacy must be assumed, too.

Which only means that, perhaps to McNealy's chagrin, the social contract's gotta be taken seriously. 'Free behavior' ain't gonna cut it. In the no-walls world of the future, people will have to be _forced_ to show respect (including respect for privacy in another sense- akin to how Japanese houses can have paper walls: if you're not in the room you must fail to notice anything going on behind the paper wall).

Failure to do this will have roughly the same effect as leaping out and plunging a knife into your dinner guests: the important thing is to address the problem appropriately. Putting everyone at the dinner party into straitjackets and handcuffs is NOT the answer, even though it IS the only way to technically stop knife attacks on dinner guests.

Privacy is a right, privacy along goes hand in hand with Liberty, and Liberty is protected in the Constitution of the United States numerous times.

Had there been no Privacy, there could have been no Revolt against the United Kingdom in 1775.

As for the ownership of Firearms, yes, that too is a right, laid out in the Constitution of the United States as well. Any right held by a Democratic-Republic, even your right to life, has been "invented", most of them invented in the last 300 years. Like the right to vote, the right to own land, the right for women to vote, the right for women not to be bought and sold like livestock, the right not to be enslaved.

If you look upon the Bible for your basic rights, like in Genesis for example, you will not find many rights at all. Was there a right to life? No, there was not. Was there even freedom of worship? No, there was not.

While The Price of Liberty is Eternal Vigilance, Liberty also must include Privacy, for every absolute government is at heart a tyranny, and only through privacy can the people avoid being ruled by a tyranny.

...Accordingly, an
author's decision to remain anonymous, like other decisions concerning omissions or
additions to the content of a publication, is an aspect of the freedom of speech protected by
the First Amendment.

David Chaum invented blindable digital credentials in the 80's and 90's for precisely the reason that McNealy is talking about here -- so that you can do things like let the movie theatre know that you like scifi flicks and you are 3 blocks away without letting the movie theatre know who you are.

The idea that McNealy is pushing, that you can give out information about yourself in little bits, and make the recipients promise not to share it, is stupid, as should be obvious to anyone who knows about previous attempts to prohibit the free exchange of information.

If mega-corps can't prevent average users from trading information against their wishes, then how well do you think that average users will fare trying to prevent mega-corps from trading information against their wishes? Or, for that matter, other average users. There are already profitable small businesses whose sole job is to collect and organize and sell information about normal users.

The "give us your information and we promise not to mis-use it" model is just idiotic at the technological level. (That is.NET's laughable "privacy model", too.) However, there is a technological alternative: Chaumian digital credentials.

The issue isn't whether information is going to be shared or not. The issue is who controls the process: individuals or large companies?

Of course I want my medical records available to doctors if I collapse. But that problem is solved quite simply with a medic alert bracelet. Lots of people use them. Lots of people CHOOSE to use them.

But does a guy who had psychiatric treatment want a potential employer to know that he took prozac for 14 months two years ago?

McNealy's piece is an argument against a straw man. As someone who uses Sun products, I'd feel better if he took his head out of the clouds and tried to fix problems with Java Web Start and the Solaris download process. It seems that more and more often Sun stuff is broken out of the box.

Actually, many companies DO care if you care if you play ping-pong on Tuesday nights.... Or maybe you'd be interested in donating some dough to a local youth ping-pong team so it can realize its dream of playing in China. Get the drift?

If, as you might expect, the air bag deploying is a result of some kind of impact, the GPS may suddenly cease to function. Knowing that it has suddenly ceased to do so may be enough to save your life._____

His point is valid, releasing some private information can generate a highly personalized experience, and this is of great value to many people. I enjoy watching Amazon try to recommend things to me with my diverse and odd tastes.

The problem I see with current privacy online is threefold--you often are not given the option to not generate personalization, the information gathered is often, if not always, shared, and most importantly, cross referencing can destroy all limits.

This last point he didn't really touch on in the article--but with just a small amount of xref work, some good logic and a bit of human input, even very small data points can be combined to generate a detailed profile. Evidentally, even mouse click patterns can help ID an individual.... This is why we jumped up and down and shouted when doubleclick wanted to link its databases.

Until we get this last problem solved, I will continue opting out and bitching about privacy issues at every corner.

I don't have any hope it will happen anytime soon, or through any technology-only method (it's a societal problem, you can do it with public records and develop a similar profile if you have a lot of time).

The only rights we can have are truly fundamental - the right to life, for example. As Heinlein pointed out, there is no such right.

Privacy is not a right, it is a manufactured abomination, a cover for the dishonest and unnatural.Clothing is the most immediate practical example of privacy-protecting technology. Do you practice what you preach?

It's important to let the right people have the right information, but it's more important to know when that information is needed. The GPS tracking system doesn't need to send information all the time to be able to notify the watchers where one's airbag deployed.

"I have agreed to let my car company, for instance, track my every move through GPS satellites. Some people might consider that an invasion of privacy, but I find it comforting to know that, should my air bag deploy, they know where I am and can send help."

Amendment IV
The right of the people to be secure in their persons, houses, papers, and
effects, against unreasonable searches and seizures, shall not be violated, and
no Warrants shall issue, but upon probable cause, supported by Oath or
affirmation, and particularly describing the place to be searched, and the
persons or things to be seized.

Now, I realize that the USA isn't the entire world, but the EU also places a high value on privacy. . .

I probably shouldn't be responding to this obvious troll, but since it got modded up so high...

People in America, I have noticed, seem to think that privacy is some sort of fundamental right, when in fact it is socially constructed.

All rights are socially constructed. That doesn't mean that they aren't real -- they're real as long as we (as a society) continue to value them. The right to privacy is becoming controversial because it is highly valued by a lot of private citizens, but many corporations see it as an outdated concept that's a hindrance to higher profits.

The transparent society that is coming will mark the ascendance of our species. In the beginning we were innocent and naked and had no privacy, like Adam and Eve in the garden of Eden, naked but for a fig leave each. Later, with the rise of agriculture, information became power and the notion of privacy as an absolute right was eventually invented (about as absurd as stating that gun ownership is a 'right').

This doesn't really make enough sense to respond to.

Privacy is not a right, it is a manufactured abomination, a cover for the dishonest and unnatural.

This pretty much ruins your troll, unfortunately -- you should have toned down the retoric a bit and someone would have fallen for it.

Well, yeah. I want control. Control over who gets information, and what information. Control over whether or not my phone alerts me to the presence of nearby businesses that want my money.

I'd love to be able to file prescriptions with a central database, then walk into *any* handy pharmacy, insert my smartcard, and have my prescription filled (after the usual checks, and debiting the amount prescribed). No more of this "transfer" stuff. (You can imagine how much my neighborhood pharmacist likes that idea.) But I want it under my control. Most of the ideas I hear about are controlled by someone else, who just assumes that everybody wants to be known intimately everywhere and drenched in non-stop advertising.

McNealy seems to forget that while some people (such as himself) may not mind too much having no or limited privacy, OTHERS DO, and that each individual should be able to choose. He is essentially arguing that nobody should have the right to choose their own level of privacy, simply because it may sometimes be beneficial for others to have your information. Individuals should be in complete control of what happens to their own information and who should get it. He is saying 'give up the control, give the control to us big businesses, and then just trust us, because so far "the industry has done a pretty good job of regulating itself"'. This is complete BS. He seems to want to thrust his own personal views onto everyone, and it sure as hell isn't for everyone elses good, as he implies it is.

I don't want some corporations software making reservations at restaurants for me supposedly based on my tastes (more likely, in reality, based on what the restaurant paid the corporation to ensure that his/her restaurant always comes up top of the list) - and I don't see why I should be subjected to systems like this simply because Mr. McNealy liked the idea.

There are a lot of concepts and algorithms that make it possible to exchange information without giving away everything - zero knowledge proof etc. Bruce Schneier's cryptography book explains some of this. Unfortunately, this will probably not get used. Corporations have an interest in collecting as much data on a customer as possible, while most consumers are too lazy to even use things like PGP / GPG. So, I'm not optimistic;-(

I have could my medical records on my own site, or better yet imbedded in a ring or a watch or even in my body. Then I can have both privacy and access on my own terms. When it comes to services I can access offerings myself (or have a program to do it for me) why do I need to give someone else my likes and dislikes to get these effects.

(I use the work effects here because it is the effect that customers want not the service.)

What this comes down to is will me (or the programs under our control) do these things or will others that any not have our interests at hart do them tofor us?

So when can I stop by to take pictures of you and your girlfriend having sex and mail them to your mom? And paste them up around your office. And can you point out to me where you make your mail publicly available to your neighbors? Id like to read your tax returns. By the way, if you could e-mail me a copy of all your medical records, just cause I'm nosy and want to see what kind of birth control you use. Oh, and I see you're wiccan. I'm sure your conservative catholic boss and the local born again Christian association would love to have your home address. Ill send them a copy of your medical records also, they're sure to want to know if you've had an abortion because of that case of herpes you caught. I'd call you a troll, but I think you're serious.

You see, absolute privacy is INCONVIENT. We are not talking about credit card information, or Social Securtiy information here, we are talking about the fact that if you have a heart attack, you will be very happy that the ambulance driver has the ability to access your Medical Records on the spot to save your paranoid ass.

If the only people who could get access to information about me were the people who really needed it, I'd be comfortable with McNealy's vision. For very good reason, I'm not, and neither should you. There's a reason I usually fake my information when filling out forms on the web, regularly reject cookies from most sites when I don't need them, and at least try to obfuscate my e-mail address - or, even better, fake that, too. I don't mind medical personnel having access to my medical information; in fact, those are the only people who should have access to that. No one else. Unfortunately, providing any sort of personal information to anyone seems to be blanket permission to sell it to the highest bidder.

Having all of my personal information readily available will be nice and convenient...when I can believe that such information won't be sold and misused without my knowledge. Until then, no go.

He said he would be willing to give up some privacy for greater convenience. Most of us do. I give up some privacy by using my tivo. I give up some privacy by shopping at Amazon. I give up some privacy by using credit cards for purchases. I give up some privacy by using the safeway club card to get grocery discounts. I give up some privacy by buying an airline ticket, renting a car or checking in to a hotel.

I loathe using credit cards, for the very reason that I know a near-permanent record of every use of it is being made, and such information - even incorrect - can be sold or handed over to, say, the FBI, or your favourite direct marketers, without letting you know, without even cutting you in on the profits from said sale.

Now, why should you give up some privacy by buying an airline ticket, renting a car, or checking into a hotel? Such information should be shared between two entities; you, and the company you're making the purchase from. That information shouldn't be shared with anyone else, outside of family and proper authorities in an emergency. It sure as hell shouldn't be sold to marketers, advertisers, and the highest bidder.

If people and companies could be trusted beyond a shadow of a doubt not to give other parties that have no business knowing your/my purchasing habits or medical history such information, I'd be more comfortable with McNealy's vision of convenience over privacy. Unfortunately, giving up privacy often means making oneself a wide-open target for "marketing research" and "data mining." We just aren't civilized yet to properly use personal information, instead of abusing it and whipping it around to anyone who will pay good money.

It seems you think we should be willing to give up privacy for convenience.

To that end, please publish your home address, all phone numbers you can be reached at, your bank account balance, all credit cards you have and their limits, your Social Security number, all of the websites you've visited over the past 9 days, and everything you've purchased using anything but cash in the last 2 years. Please be sure to provide timely updates to the above information, as well as any additional information I request, so I can conveniently ask you important questions and inform you of exciting offers on a regular basis.

Please do this willingly, so I don't have to go running around, collecting the information covertly using cookies, purchased databases, "tracking" software, and other data-mining techniques. It's so much easier providing for your convenience when all the information I might need is at my fingertips, whether you really like it or not. After all, we have no privacy, and we should get over it, right? Or does that not apply to you?

Can't someone come up with better future scenarios than the nearest place to eat Italian or the next movie I might want to see?
How about when I'm grocery shopping, an agent scans the ingredients of products to make sure they don't contain something I'm allergic to?
Or from today's headlines, how about showing me where my kids are at this moment in proximity to the nearest sex offender? Or that my daughter is at that dope's house?
The problem with the question of privacy in our online world is all about free will and society's determination that it, not God, will determine whether you exercise your free will properly. Increasingly, our society plays the role of God in mandating behavior and thought.

I always find it strange that the/. crowd tends to analyze this along libertarian/privacy-advocate lines. Most posters - myself among them - are quick to point out the inevitable failure of encryption-based rights management, but we can't see how inevitable it is that

I find this blind spot even stranger when you consider the number of Trek-aware posters on/. I saw a TNG episode where a cryo-survivor from the 20th century is able to find out where the captain is, get him on comm, and wander around the ship. Picard explained that they don't NEED internal measures to protect these things, basically, because human civilization has progressed beyond that point. In Voyager, I've seen people view infra-red scans of private quarters, and in the final episode, Seven transports directly into Chakotay's quarters. On other Trek-derived stuff, people get databases on the past of certain folk all the time. In other words, it's not just about security; their society has progressed to the point of being, with the exception of certain military-critical data, transparent. So why haven't I noticed any transparency advocates here?

I'm curious whether the fans of various Treks tend to fall on the privacy-defending side or on the libertarian side of this debate.

Personally, I take the view that both sides are grievously wrong and that the real solution is to watch the watchers. The "tribal" idea was very trendy during the 90s, and many here have pointed out that "tribal" societies (or, as some of us know them, small towns), word tends to get around and privacy isn't really possible. To me, the surveilled future looks the same way.

McNealy's attitude sucks, but you might as well get used to the zero-privacy society - by giving everyone the same rights, and to keep the keenest eye on the watchers. A transparent society is a very different kind of society than any of us live in, but it's the only way to keep the anti-crime benefits from being overwhelmed by Big Brother abuses. There are still a lot of questions, but at least it meets the "orthagonal alternative" or "neither of the above" test.

All he says is WE should be able to give up some privacy for convience.

Very good one line summary. Except for the short argument in paragraph 2 about medical records, he spends the whole time talking about how convenient it will be to give up our personal information to the great digital void. Which makes me wonder; why is the article titled, "The Case Against Absolute Privacy?" I would expect that title to appear over an article on terrorists and kiddie porn, not convenient services. Are we supposed to agree with him that convenience is, um, convenient, and then conclude that privacy isn't such an important right after all?

First give me back my right to privacy, and then let me choose how to disclose my information.

Rather than tackle the "privacy" issue as an amorphous blob, it helps to separate it into some key elements:

1. What methods are being used to obtain the data?

Governments are generally the most blatant offenders (outright black-bag jobs, wiretapping, attempts to restrict access to privacy-protection technology). Objectionable business practices are more subtle (e.g. requesting data under circumstances that imply limited use, such as tracking a specific order, and then using it more broadly).

2. What agreements are made when the data is obtained, and how well are these agreements kept?

As noted above, unethical governments tend to simply ignore legal restrictions with only cursory attempts at excuse-making, while unethical businesses tend to use deceptive agreements and/or wriggle out of agreements after the fact.

3. Is the infrastructure set up to support privacy protection, to support data-gathering, or to strike a balance between the two?

As previously noted on this thread, the benefits described in McNealy's op-ed can be obtained with a system in which the individual user gives out specific items of information on a need-to-know basis.

The Constitution only applies to actions that the government takes towards people and the states. The actions of people towards other people are not restricted by the Constitution. We have a right to privacy in regards to the actions of the government. Not to actions taken by Sun Microsystems.

Personally, I think that one should have the ability to choose weather or not any personal information is able to be viewed and by whom. If I'm Joe Paranoid, I want the ability to turn off all access to any information about me by anyone.

Of course this will be giving up the ability to have credit cards, GPS emergency tracking or driving directions.. But if I'm willing to lose these 'convieniences', It should be my choice..

That's what the argument tends to boil down to: If they're allowed to track my every move, then they can personalize the spam they send me on my pocket phone/browser. Please forgive me if I'm not impressed.
McNealy tells me I can be in a distant city and they'll notify me when I'm near a restaurant of a genre I like. So some awful cockroach palace will purchase the spam rights for "Mexican" food and my phone will disturb me to tell me that bad salsa is only two blocks away? Hey Scott, try this for size: If I want to know where Mexican food is, I'll ask! And it might not be where I *am*, it might be where I *am going*. So don't query my GPS.
I find it slightly annoying when spAmazon tells me what I might like, based on whatever book has been purchased on my account for my wife, kids, or as a gift to somebody. Too much personalization is annoying. I'd rather read a magazine; the ads, if I'm interested, are in the same place each time.
That's the trouble with the "m-commerce" crowd. They don't care what people want. They just care that they can. Can spam. Hey, what a good idea. Let's can spam once and for all!

It's very clear from this short piece that Scott McNealy is a no-privacy advocate. His view is not balanced, merely advocates his position.

He conveniently neglects to mention the darker side of "information openness" -- companies using it to extract profit from their customers [variable pricing]. Or employers using it to exercise their personal prejudices.

Not that privacy isn't without it's faults. Alot of "medical privacy" could be used for insurance fraud.

But let's have a rational debate. Not trade polemics. There really is a difference between default openness with nondiscrimination safeguards, and default privacy with info-verification safeguards.

All he says is WE should be able to give up some privacy for convience. Oh really? You mean like I can choose to have an unlisted number, or a listed one in the phone book? Well, duh. I really don't think he's saying anything new here.
What scares most of us, and he doesn't address, is when other's take some of our privacy for their convience.

One of the more annoying things about americans is how they think Europe is one place with one culture. Europe is 50 very different countries with very different cultures and political systems. There is pretty much nothing you can say that is true for all of them.

If you read/. you may get the impression that Europe is hard core on privacy since they report on some EU legislation from time to time. That's merely scratching the surface of one of many different sides of that issue.

The average US/. reader would be stunned and horrified by the lack of privacy in my home country. The government knows pretty much everything about you. Just one example: everyones tax return is a public document that can be requested from the government by anyone. Books are published with the details of the incomes of the wealthy and famous, and the press routinely digs out those facts.

Dont get me wrong. I'm a Swede who has been in the US for 6 years, and I like the place and the people.

The 15 EU countries are a bit more homogenous than the entire continent, but not by all that much. A bit richer and more democratic tradition on average. Culturally they are pretty much as diverse an any collection of countries.

They do have the EU membership in common, obviously, but that doesn't mean all that much. EU holds about 1% of the power over the members as the US federal government, and it's "directives" are routinely ignored by those states who feel like it. There may be a bill of rights somewhere, but I've never heard of it. I'd guess every country already had abolished the death penalty, so they could make that an EU rule and pretend they had achieved something.

Usually when you actually can say "But all over Europe they don't have X", that only means that the US is pretty much the only place where X is common. So it's more a statement about the US than about Europe.

Don't get me wrong, I love open software, but this is one aspect I've never quite understood -- Which information wants to be free and which doesn't. In a 1990 interview with Denning [georgetown.edu]
RMS states:

I believe that all generally useful information should be free. By `free' I am not referring to price, but rather to the freedom to copy the information and to adapt it to one's own uses"

This has always been a difficult point of the open source community for me to fathom -- where is the line in the sand between information which is useful and should be free and that which should be kept proprietary. Is it limited to these two ideas RMS hits upon, or is their other `sacred data' that should be left unknown and inaccessible to the general populous?

Personally, I'd tend to believe that the algorithms themselves, the building blocks of devices, are what want (and should) be free, and that information / ideas / implementations of such shouldn't necessarily be free. I.e. If I encrypt my password in an MD5 hash[?] [everything2.com], information about the algorithm to my password should be freely available, but the actual contents should not. I don't know how well this analogy holds to all things in real life, but I'm interested in others' perspectives.

This article uses a sophist trick that seems to have flown over most of the heads of people here. What people want is control of their information, not absolute privacy. McNealy (and most here) equate absolute privacy with control of information. While that may be true, what *most* people want i control over their information - who gets what and what is shared among people, groups, and companies.

McNealy is right that most people want physicians to have access to medical records. What he seems to neglect is that most people don't want medical purchases automatically sent to their insurers or doctors. That is a big difference and one McNealy doesn't seem to grasp in it's entirety.

Since Scott can't argue against *control* of user information, he uses the extreme example of absolute privacy as a red herring. Too many people have fallen for that.

I cannot trust whomever I give my info to. I really wish I could, but I can't. Why is that? Because no one has your best intrests in mind except for you. A company may tell you that your information will be held confidential. They may actually mean it until there is a management shakeup and the new stallions re-define what "confidential" means. To business, your info is a commodity. And to not capitalize on a commodity such as that is, to most, irresistable.

--

McNealy may like it when he gets sold out so that marketoons can read him like a book; he shouldn't assume we find any value in it though. I believe it's called "being at a disadvantage."

Tsk, tsk. Aren't you the party animal, Mr McNealy? Oh, and about that escort service, don't you think Ms McNealy should know about this?

You mean, she can't have access to this information? Well, due to the fact that it's legal in the USA to sell (quite detailed) consumer information, our crack team of net expert were able to obtain this little report for her for a small fee from the above companies. US$200 for 1,000 names. Cheap, eh?

Please, let us recommend a martial counselor or a divorce lawyer in your neighbourhood -- and may we interest you in a nice French restaurant, for that ?

Have a good day, Mr McNealy, and thank you for contacting NetSnoopers(tm). Remember: your satisfaction is our goal, and we value your business!

I agree with your points and McNealy's. I would add that the big missing ingredient is a legal right to privacy and the binding nature of a privacy contract. If you agree to a spesific privacy agreement with a company (whether on the web or not), they should be bound to that agreement and it should be considered a legal contract.

People have a right to privacy, and governments should respect and protect that right. People should also have the right to choose to allow some of their private information to be used if they want to do so. In order to properly protect people's privacy, no company should be able to give out persoan information without explicit permission to do so. This means that the default has to be that they don't give out personal information, and the customer/user needs to specifically select to have their information provided to others.

It seems obvious to me that he's ignoring the reason people worry about privacy in this country. I won't expand on it since other people have.

This guy is a typical example of how money is considered more important than people in this society. Since information is basically a form of currency, opinions like this are bound to be the most common. Or, at least, those that are most often heard.

In Europe, they have a more balanced view of privacy rights. Opt-in instead of opt-out, your data is your property, etc. They don't put as much of a priority on economic growth and money as we do, and that's not a coincidence.

Forget the governments and laws. I have become more and more worried about the "voluntary" abandonment of privacy and freedom, when people get an apartment, a job, an insurance, a university, and so on.

Laws restrict mostly just the government control and violations of privacy and freedom. But control will, always, find a way, and then comes the running and the screaming. A new form of stricter-than-ever control is emerging fast.

More and more companies are joining in the trend to put all new workers to tight psychological personality tests. They don't just test your ability to work, but also ask about your family, your childhood, and what not.

The problem in most psychological tests is that they weren't designed for companies, but for psychiatric analysis. A question: "Are you planning to get many children?" may be quite fine for a medical test, but not for a work psychologist, who works for the hiring company. (In one company to which I applied for, one of the interviewing psychologists even worked in the same room where I was supposed to work. Well, I didn't answer questions which I considered too private and irrelevant for work, the psychologist didn't like that, and I'm still an unemployed Linux hacker. *sigh*)

Then there are the permissions to get criminal records. Hey, there are laws why they are private, and those laws have reasons! By giving the permission to companies, you make the possibly very good and well-reasoned laws effectively useless. You also don't know what records they get - perhaps also those where you were just suspected, and you can't influence how they interpret them. There's also no time-limit; that 20 year old DUI sentence might not be so unfavourable, but if you've even been caught of smoking grass...well, byebye to ever working again.

Oh, and then there are the mandatory drug tests. One Very Big Finnish company (not Nokia, but might apply to them too) even does mandatory AIDS tests to workers. Not that the tests help the companies any bit, as they are usually done only once, and usually just kick many very productive people out of work.

They can tap your keyboard, read your emails, put tv-cameras everywhere, watch where you drive your car, snoop in your home as they wish (didn't you read the fine print in your rent contract?), and everything.

This is worrying because it's "voluntary", and gives an illusion of freedom. Of course, "You can always go to another place." Yeah, right. In practice, it's mandatory.

The companies and other institutions do, of course, have their reasons. So what? Everybody always has "good and sound reasons" when they violate your privacy or freedom, to "protect our children's safety" by killing the evildoers. Really, the reasons are usually "good." But they are often against the freedom and privacy, which are often too abstract concepts to understand in relation to most everyday problems. "The safety of our children must not be endangered by the 'human rights' or criminals and drug addicts." Nevertheless, even these abstract human rights have reasons too, you know.

"Those who give up their freedom don't deserve it." (One of the rare ideals which those silly Americans got right...and then forgot.)

What Mr. McNeally seems to miss is that while I would like it if my computer kept track of my taste in movies, etc. and gave me recommendations based on that, I really don't want that information to be on your computer, to be used for purposes neither known nor sanctioned by me.

"Ladies and gentlemen of the jury, the defendant before you may look quiet and unassuming, but that is merely a cunning disguise. He is, in fact, a homicidal sociopath. We've seen computer records that prove he regularly buys murder mysteries and watches slasher movies..."

Not as bad as it sounds, actually. In practice, the openness of personal information here mostly means that the average citizen has access to the same information that "the man" allready has.
Sure. My neighbour can check my tax records. I bet your american neighbor could too. All it would take is a friend in the right place, or some quiet dollars.

In Talley v California [cpsr.org] (1960), three of the justices said "I stand second to none in supporting Talley's right of free speech -- but not his freedom of anonymity. The Constitution says nothing about freedom of anonymous speech."

The article raises some very good points, which lead to some other ones. I'm being serious here, not trolling, so don't just mod this down because you disagree.

The fact that company X happens to know that customer ID 939392-2349493-1343 likes to play ping-pong on Tuesday nights and prefers green pullovers to blue is not equivalent to being spied upon. The information is used in an abstract fashion: crunching statistics, determining customer needs, etc. Not one person at DoubleClick or any other "Big Brother" company gives a flying flip at a rolling donut *what* you do in your spare time.

How does a computer thousands of miles away knowing that you're interested in travel, politics, and fine art *really* affect your life, except that the spam you receive is tailored for your interests, instead of being completely random?

People are naturally observant by nature. When you go out in public, you notice what people are doing, wearing, saying, etc. After a while, you come to conclusions based on those observations. Have you invaded those people's privacy? A library keeps track of what books people are reading so that they can keep their library stocked with books that will be useful or interesting to the local population. Have they invaded those people's privacy? The notion that what someone is doing is EVIL because they are company is absurd, yet that seems to be the party line here on Slashdot.

Privacy issues like this come up because people are still reeling from paranoid fantasies of adolescence: They're parents are going to find their porn, see them making out with the boy/girl from next door, find out about their secret "anarchist" identity, walk in on them pleasuring themselves, etc., etc. They carry over into their adult technological lives as rants about "privacy", "big brother", etc.

It seems to me that privacy is only desired by those who have something to hide. Furthermore, everyone pretends to be squeeky clean, which means that we have unrealistic expectations of others.

Close, but no cigar. You are half-right, that many want privacy to hide who they really are or what they might have done, but there's the other half: people want privacy so that others don't assume they have something to hide, and what it might be.

Classic example: how much should your insurance company know about you. We've argued it to the death, and everyone already has their opinions on it, but say they knew that your were genetically predisposed to heart failure. Would you like it if they assumed that you would have heart failure and that your premiums would cost $200 more per month than the Joe Smoe next door? It isn't something to hide, because it hasn't happened yet -- there is no guarantee that it will happen.

Better example: Just by looking at your e-mail address, I see that it belongs to americanwicca.com. Perhaps I should assume that you are a wiccan, and/or practice it on a regular basis. Perhaps you like to practice witchcraft...cast spells on people you don't like...sacrifice goats in your basement...do that voodoo that you do. What if you happen to send me a resume for a job offering and I see your e-mail address on it and jump to these conclusions? Yes, I know that Wiccan and Witchcraft and Voodoo are entirely separate practices, but who says that everyone does? Your personal knowledge of who you are does not stop the prejudice of others.

In the future, privacy will not exist. This will create a more sane society - politicians will not be expected to be perfect, we will have more realistic expectations. We will be able to check up on our prospective spouses, find out everything about them before even meeting. It will be a wonderful way of meeting new people and finding love.

BWAHAHAHAHAHAHAHAHA! Realistic expectations? Listen, ever since George Washington took office, people have been trying to follow his standard for serving their country. Check out prospective spouses? Who is going to want to marry you if you already know who they are, what they like to do, what they've done in the past, and who they've slept with (the fun in dating is finding that stuff out...well, except for who they've slept with)! That's not the way you find love! (would you like it if I assumed that you don't date much since you made that statement, or would you rather keep that private, hmm?)

I have noticed, seem to think that privacy is some sort of fundamental right, when in fact it is socially constructed...The only rights we can have are truly fundamental - the right to life, for example.

This is completely twisted. You're saying that the right to privacy is socially constructed (which you're right), but say that the right to life is fundamental. I'm afraid that both of those "rights" are socially defined. There was no right to life in periods of war, dictatorships, anarchies.

You presume we have a right to life because it is defined in our society. And it is, through the Declaration of Independence. But so is the right to privacy, in the 14th amendment (and Roe vs. Wade).

The problem with the right to privacy is that it has never been solidly defined. President Bush may support Roe vs. Wade in defending a woman's right to privacy, but he stands up for businesses in their continuing "economic progress," even though it's business that's really hacking away at privacy issues. Everyone sees this right in their own sense, but because everyone looks at it differently, there's no way that we are going to be able to defend it unless we know what territory to defend.

The whole point of that quote being important is not that someone said it, or that someone famous said it, but that someone famous for being in a position to greatly help or hinder privacy rights said it.

The problem with that is that there are perfectly reasonable, non paranoid scenarios in which you do NOT want your information aggregated. Using the doubleclick example:

Customer X-35213-54388 purchased speaker racks and green paint for a 1989 Mazda Miata, using static IP addres 123.456.789.101 - they used to live in Minnesota but made this purchase and all recent ones from CA.

John Q. Doe has registered, on the next day, a Green 1989 Mazda Miata in CA after having moved from Minnesota.

Static DSL IP 123.456.789.101 purchased some online porn.

Add in DoubleClick's info-aggregating and every other site you visit relates everything you've done online to:

John Q. Doe
123 Fnord Ave
San Mateo, CA, 12345
SSN: 123-33-4567

No, thanks. I'm trying to keep most of that info, especially SSN, to myself and not the skript kidz that hack the companys' website.---------------------------------------- ----------

First thing that strikes me is that he talks about medical emerancies, which I do agree. I *do* want the EMS people to know my medical history while rushing me to the hospital.
What I don't want, and what he does not talk about is how Americans made the faustian bargin on tracking and collecting of personal data, and the details which can then be used to learn about your habits to better sell you services and the like.
Direct Marketing sorta works. I've worked for Epsilon (Burlington, MA) which is a data mining operation / DMA. I've seen the data silos, heard about the size of the credit card databases (one goes all the way back to the card's inception with every transaction), how the data is used to find customers, spot fraud, and gain new users.
It's scary. Very scary stuff. But you watch it with the fasiation(sp?) like you would a car accient in the making.
If you want to maintain any sense of privacy, toss the credit cards. Use plain old cash, which is nice and anonymous.
You then refuse any awards / redemption cards (like the coupon cards at Stop-n-Shop here in Boston, Airline Freq. Flyer Cards, Blockbuster rental cards, etc.)<rant>
Credit cards in this country are too easy, and the laws do not cover the data created by the transaction; and in many ways the government has made easier to work with the credit card than with anonymous cash. (Such as the paper work when dealing with any amount of money over $10,000 dollars).</rant>
Sorry for being so disjoined, but this nation really does need a privacy czar; the wants of the corporation must be balance with the privacy of the consumer.

That however does not mean I should have to give up my ability to prevent corporations from gathering information on me, just because Sun Microsystems wants to make a few extra bucks selling my information to other corporations. If I wish to prevent insurance company from gaining access to my medical records, I should have that right. If I don't want my "Born Again Christian" boss to know that at home I access porn sites, I should be legally protected and he should not have access to that information. Constitutionaly protected or not, it is THE RIGHT THING.

"You have zero privacy" is true in a precise sense (which is I think what McNealy meant), and it has nothing to do with the Internet. It means that if someone really wants to find out something (anything) about you, he can. This has always been true for everyone except the most deliberate recluses.

The situation is analogous to computer security: there are a zillion non-obvious paths of attack, so unless you've designed the system with scrupulous attention to security, one of them will find a crack. Have you controlled every channel of information about yourself since before you were born? If not, "you have zero privacy" in that anyone determined can find an "exploit". I don't know how to find out information about people, but I bet once you know, it's child's play (like writing buffer overrun exploits).

I'm not saying that there is no cause for concern about the loss of privacy; I'm saying there's not much you can do about it, so "get over it". Think about how much effort it takes to make a single purchase at Amazon [slashdot.org] without compromising your privacy. Now, think about how relatively benign Amazon's abuse of privacy is, compared to what someone really nasty could do. I just think this battle isn't worth fighting.

... which happens to be a company that sells machines which can be used in Data Mining all that juicy costumer information.
The more info about costumers is available the more and bigger machines are needed to mine it.

Plus: It is believed by some that to be sucessfull as an e-business (or an m-business) companies need provide personalized services to costumers. The more information a company has, the more targeted can be the services.
Who do you think wants to sell machines to run all those Costumer Relationship Management programs?

The problem is that trolls, even though they my not realize it, sometimes have good points. And because they usually take the point of view diametrically opposite the average slashdot reader, in order to enrage them, sometimes these points are the one that need to be heard most so that slashdot doesn't become (remain?) just another old boy network.

Most of his argument is right - talking about the potential benefits of giving away some privacy. He even appears to acknowledge that to some degree the user must have some control over how much is given away - it is a basic principle of law that no person may be forced to pay for a benefit they didn't ask for, regardless how much the person forcing that benefit and payment thinks the beneficiary should have it. Giving up privacy is a kind of payment.

His case really falls down, however, in his commentary on the industry's performance on privacy. A good track record on this issue is necessary to support his underlying argument, that the government should not intervene, which is a point he tacitly acknowledges by arguing the record of industry:

So far the industry has done a pretty good job of regulating itself. Most companies now post formal privacy policies on their Web sites and allow visitors to have a say in how information about them is used.

Unfortunately, the second sentence does not support the first, at all. It is not enough to have privacy policies. The privacy policies have to do something other than say "You have no privacy, get over it". The corporations also have to adhere to their privacy policies. It does not good to have a privacy policy if the policy is "no privacy", or if it's not followed. On both these critical counts, the corporations have an apalling track record.

The failure on this issue is fatal to McNealy's argument that government intervention is not required.

your Web-enabled wireless phone will be able to recommend a nearby restaurant...and then make your reservation for you.

It could even recommend a movie based on what you liked and didn't like in the past -- and, by the way, it's playing three blocks away, starts in half an hour and only a few tickets are left, so would you like to purchase one now with your credit card?

This is just about the worst way to use computers.
People are good at these things, and computers are bad at them.

The Fourth Amendment limits the power of government and only government.

It does not restrict companies, private citizens, or any other non-governmental group in any way. Unless there are specific laws created by the US government (and in many cases there are) limiting the activities of these groups, they are largely free to collect whatever information they want about you and use it for whatever purpose they like. This being the case, we have a hodge-podge of various laws limiting certain types of behaviour by certain types of groups and companies. But there is no particular rhyme or reason to them since they have been created to deal with individual problems as they arose. The problems that are getting attention here on/. are simply new problems that haven't been dealt with by US law yet either through legislation or judicial review.

Putting it another way, there is no Constitutionally assured right to privacy in the US except with regard to the government itself. Whether that is a good thing or not, is a separate issue.

...in many ways the government has made easier to work with the credit card than with anonymous cash.

"Anonymous" being the operative word here. The government is no more a fan of privacy than corporations (the better to police you with, my dear). So, naturally, the government is fully behind the "cashless economy".

As a former Sun employee, I'd like to point out that at Sun, they have a long standing tradition of reading each others email. That's why McNealy doesn't believe in privacy.

Sun developed and promulgated NFS, which stands for No File Security. As it was originally shipped, it was ridiculously trivial to break into NFS. When an NFS client tried to mount a file system from an NFS server, in the request the CLIENT would TELL the SERVER what its host name was, and the server would BELIEVE it, and only check it against the list of allowed hosts in/etc/exports. Whatever hostname the client CLAIMED it was, the server BELIEVED it without question or bothering to check the IP address. So if you wanted to mount any NFS file system with full read/write permissions, all you had to do was find out one of the host names in the NFS server's/etc/exports (say "doober", which was the name of Scott McNealy's workstation), and go "hostname doober ; mount securemailserver://mnt", and you would have complete access to the server.

I found this out when I was a summer intern at Sun in '87. Most of the engineers at Sun knew about NFS's complete lack of security, and thought it was hillarious and convenient, and many used it to get their work done as well as to read each others email and private files. But Sun would still fire anyone who got caught, or read the wrong manager's scheming email and warned the victims about it.

Sun thought their customers should have the same convenience, so they shipped NFS with that wonderful security hole enabled by default, so anybody in the internet could guess or use tftp to get a copy of an NFS server's/etc/exports file, and mount any NFS directory from any NFS server on the Internet.

One of Sun's biggest government customers is the NSA, and I'm sure they appreciated that feature in NFS. Sun has utter contempt for most of their customers, but makes an exception for the NSA, whose ass they kiss on a regular basis (they have a big department dedicated to that onerous task).

[Disclosure: I quit my job at Sun in '91, when they told me repeat their prima facie lies to our customers about the future of NeWS.]

NFS is quite a convenient security hole, huh? That's the real meaning behind "the network is the computer" and "open systems": the computer is insecure, therefore the whole network is a wide "open system". The slogan "write once, run everywhere" should be rephrased: "Write once, there's nowhere to run".

When Scott McNealy says "get over your privacy", it's for his own profit and convenience, because the NSA told him to say it.

The point is, for that level of service, most people would gladly reveal their personal preferences, as long as they feel certain the information won't be misused. On the Internet, even more than in other areas of our lives, trust is the real currency. Squander what you have and you'll find out how hard it can be to get more.

I know that I have real privacy issues with many companies. That is why I use things like webmail and dummy browser proflies. If nothing else, if they scam the email address from the browser, they spam someone I don't like [joke!]

if you took a random poll, you would likely find that the list of companies that people trust is a bit shorter than the list of compnaies theat they do not trust.

Companies do not realize how precious the commodity of trust is. Squander it, and you will have people painting you as the devil decades later.

Some electronics device triggers the gas cartridge in the airbag. You rely on that mechanism to work, why not rely on the other one as well? I suspect the number of false positives would be way to high if loss of signal were interpreted as an accident.

You heard about the information society and about how information would be valuable. All the time you thought they were talking about movies, songs, books, or news. You have since wondered why you were given so much information for free on the internet. Only to now recognize that it wasn't movies which they were calling valuable information. They were talking about you. The data that is the customer, the employee, the voter. Information is not entertainment, it is a control instrument.

Just to clarify this point, I'd like to point out that giving up some privacy is not a prerequisite of using your TiVo. While it's true that they collect anonymized viewing statistics, you can opt out by calling them. For those willing to set up a shell on your TiVo, it's even possible to confirm your privacy settings and even change them yourself. Personally, given that I would've loved to have had a Nielsen box on my TV when I was growing up, the TiVo/privacy issue doesn't bother me. Others have pointed out that the data helps TiVo make money, which given how many geeks seem to like the company, isn't a bad thing to some.

Also, there was a big uproar when TiVo changed their privacy policy to allow sharing with business partners. However, this was so that TiVo could offer a single sign-up for a joint service (such as with the DirecTiVo, which is a combined DirecTV receiver and TiVo -- you're essentially going to be a customer of both companies, anyway).

Overall all, though, I understand that you aren't criticizing TiVo, but instead using this to illustrate the privacy/convenience trade-off. However, I felt it was worth pointing out that TiVo's privacy issue is completely voluntary (albeit on an opt-out basis), rather than pseudo-voluntary (i.e. if you want privacy, don't use the TiVo).

And to riff a little further on your point, and get out of the morass of technicalities that you are replying to, one has to ask oneself, if Congress was so clearly given the right in Article I, Section 8 to arm and regulate the militia exclusively as an organized body, then why were the founders so intent on passing the Second Amendment at all? Why pass an amendment to grant the same power that was already assigned in the original document?

Such an interpretation not only defies logic but also flies in the face of what we know about our founding fathers and their views on government. They were clearly wary of the centralization of power in the hands of the few; guaranteeing ordinary citizens the right to maintain arms was a way of preventing such a thing from happening. People can argue all they want now about how effective that premise is in today's world, but I don't doubt that some of the men who constructed the Constitution and Bill of Rights would, if alive today, be holed up with the Fremen in Montana and trying to lay their hands on rocket launchers and nuclear weapons. The right and the wrong of that position lies elsewhere; but their intent was not to bottle armament up into a federally regulated force, but distribute it amongst the states.

"We have a right to privacy in regards to the actions of the government. Not to actions taken by Sun Microsystems"

Given the fact that how campaigns are financed in the US amounts to nothing more than legalized bribery, where by economicly prosperous companies can buy laws on a whim, I don't see much of a difference between Sun Microsystems (and other assorted companies) and the government of the US.

"To that end, please publish your home address, all phone numbers you can be reached at, your bank account balance, all credit cards you have and their limits, your Social Security number, all of the websites you've visited over the past 9 days, and everything you've purchased using anything but cash in the last 2 years."

Dear Mr Dragon:
Since it is now clear you cannot read basic English, I will explain to you why I did not claim in the article that All My Privacy are Belong to You.

You see, absolute privacy is INCONVIENT. We are not talking about credit card information, or Social Securtiy information here, we are talking about the fact that if you have a heart attack, you will be very happy that the ambulance driver has the ability to access your Medical Records on the spot to save your paranoid ass.

I may have said things in the past that upset you, but assured you have no idea what context the comment was said in and that regardless of context, rabid animals everywhere will jump on me for wanting to know everything about you, when in fact, I have no such desire.

Those who read the article (which at this time appears to be the minority of the respondents) who know that he considers Privacy an economic issue.

"Any company that doesn't properly safeguard people's personal information will suffer the same fate as a bank that doesn't safeguard people's money. It will go out of business."

It appears McNealy thinks that ecomonic theory will control how privacy taken care off. If someones love for inflatable dollies gets out in the wild, noone will buy inflatable dollies from that company again. Fair enough. But McNealy seems to believe people will want thier phone to reccomend where to eat in a new city and its this reason that absolute privacy is wrong. Let me say exactly why I don't want my phone to do that.

Technology like this treats the user like an idiot who doesn't have the mindfulness to remeber what they want to do. It's why people are terrified of Computers and its also why Apple can sell computers at a premium. MS has a habit of trying to predict what the user wants to do, and fails miseribly at it.

Technology like this doesn't offer the consumer choice. Great example is AOL. AOL gives a very convient place for thier consumers to find news, stocks, games, chat, IM, and community building. Are the sites on AOLs main page there because they are the best? In short, no. They are there because those sites signed contracts with AOL, where by they pay AOL to direct users to thier site. The cell phone of the future that McNealy is talking about will operate in the same exact way.

Furthermore, he is wrong in thinking that its a truely economic issue. If ALL companies are selling your buying habits, your address, your name, your dogs name, your phone number, what pr0n sites you read, and that you like little inflatable dollies, what choice does the consumer have? What happens when your boss buys a data base for "market purposes" and notices two years ago you buy some inflatable sheep on your credit card, even if you bought them as a joke?

No thank you McNealy, I don't want my Cell Phone to tell me where to eat, but you are right about one thing: If I have a heart attack, I do want the EMTs in the ambulance to have access to the entirity of my medical records, which is why we need a standardized Medical ID that I carry in my pocket. Then all they have to do is open my wallet and slide in a machine and they know everything they need to know to save my life.

It could even recommend a movie based on what you liked and didn't like in the past -- and, by the way, it's playing three blocks away, starts in half an hour and only a few tickets are left, so would you like to purchase one now with your credit card?

so, essentially, i'm expected to give up chunks of information about my life because it's too inconvenient to ask for directions? yeah, right.

please tell me there's other motivations.

also, why is it that mr mcnealy assumes that the information will be secure if you just want it to be? the example of the medical records at the beginning assumes everything is stored and retrieved perfectly according to plan. i would think that with his experience, he realizes that everything breaks and that there is no real security either.

This may be true, and as he clains, there is a business incentive to protect the privacy of your customers, in order to retain them as customers. The problem with this is that as technology progresses, it becomes increasingly more difficult for customers to take steps to insure they are only doing business with reputable companies that institute tuch practices. Self-regulation of online privacy practices will probably work as well as self-regulation in the Direct Mail Marketing industry. The Direct Mail Association, and industry trade group walks the thin line of doing the absolute minimum to protect consumers rights while at the same time, going to lawmakers saying 'Look what we're doing to protect consumers!'.

While it's true there's a business incentive to self-regulate, this only works in industries where there are high bariers to entry (ie: there is market concentration). In cases where there are such high bariers to entry, the chances, the costs associated with market entry will deter unscrupulous indeviduals and companies because the amrket is not one where they could cut and run if their practices were discovered to be too questionable.

Online business has torn down the bariers to entry for many businesses and markets where previously, the high bariers to entry, made thode markets condusive to self-regulation.

A great deal more care needs to be taken before making blanket statements like McNealy has here...

But, until the day that the Net is flooded with all the personal data, financial transactions, investments, love letters, and downloaded naughty pix that each and every member of the US Supreme Court, the White House, the US Senate, and the US Congress is broadcast to the entire world, noone will do anything about it.

Unless someone does the same thing to all the CEOs and other executives - I believe, as a direct shareholder, that I have the right and the duty to monitor both workplace and home actions of all my employees, and that means the CEOs, the Board of Directors, the Presidents, the Vice-Presidents. And their spouses, mistresses, children, and golf buddies. And they should be published on the open market, in all their lurid details.

Think about it. If all we need IDs for are so we can get medical care, why not a smart card medical ID? Then outlaw any and all people from using our Driver's License Number (except for car rental agencies and employers who have us drive, and outlaw them sharing it) and our Social Security Number (except for our employer and the IRS, and outlaw them sharing it).

And why should my cell phone or PDA rat on me to the movie theater? They don't need to know it's me that wants to know about movies, they just need to know that someone who likes french films, romantic comedies, and SciFi with a plot is nearby, not "who" I am.

Take back the American right to privacy! We're in a Privacy Arms Race with the EU, and we're losing, just like when the corporations bought Pearl Harbor TM (R) (C)...

Of course I want my medical records available to doctors if I collapse. But that problem is solved quite simply with a medic alert bracelet. Lots of people use them. Lots of people CHOOSE to use them.

I agree totally. There's no reason to build databases for 'society's good', which looks like Scott wants to do. It's always better to allow individuals to control their personal information in the style of 'medic alert' bracelets.

I have a wide array of allergies, some of them life-threatening and quite a few that require emergency medical treatment. (Adrenaline shots, anyone? I hate it when my throat closes up.) I would really rather *not* my insurance company to accidentally stumble across that information, because you can be sure my rates would silently start to rise if they did. In the event I pass out on the street and start turning blue, I *do* want that information in the hands of the paramedics on the scene and the doctors in the ER. They don't even have to wait for a database query. They can just pull the bracelet off my arm.

Dude, I've done market analysis for a paycheque and I gotta disagree on a few points...

The fact that company X happens to know that customer ID 939392-2349493-1343 likes to play ping-pong on Tuesday nights and prefers green pullovers to blue is not equivalent to being spied upon. The information is used in an abstract fashion: crunching statistics, determining customer needs, etc. Not one person at DoubleClick or any other "Big Brother" company gives a flying flip at a rolling donut *what* you do in your spare time.

Actually, many companies DO care if you care if you play ping-pong on Tuesday nights. If this is regular behaviour, maybe you'd like to buy our new PADDLE2000. Or maybe you'd like some coupons for a local restaurant chain 'cause you must be eating out on Tuesday nights on your way to ping-pong. Or maybe you'd be interested in donating some dough to a local youth ping-pong team so it can realize its dream of playing in China. Get the drift?

How does a computer thousands of miles away knowing that you're interested in travel, politics, and fine art *really* affect your life, except that the spam you receive is tailored for your interests, instead of being completely random?

Good point, but it belies the basic concept around privacy. I don't care how inocuous the intent. The fact that someone has info about ME that I didn't give them is inherently a breac hof my privacy. Idon't know about you, but I don't need spam to tell me where to find the things I'm interested in, thanks.

People are naturally observant by nature. When you go out in public, you notice what people are doing, wearing, saying, etc. After a while, you come to conclusions based on those observations. Have you invaded those people's privacy? A library keeps track of what books people are reading so that they can keep their library stocked with books that will be useful or interesting to the local population. Have they invaded those people's privacy? The notion that what someone is doing is EVIL because they are company is absurd, yet that seems to be the party line here on Slashdot.

Public domain info (what you wear, what you say within earshot of a stranger) is not a privacy issue at all since its in MY control of where I go what I wear, what I say, etc. A library does not simply stock what people like - otherwise we'd have libraries chock full of trashy books by Danielle Steele and the like. Libraries (through the highly-trained librarians that run them) build collections that reflect the gamut of human knowledge (and, yes, that includes pop culture). Again, this is irrelevant to the privacy issue.

Privacy issues in the information age are not about stunted emotional adoloescence or libertarianism or anarchist fantasies. Rather, they're about maintaining a sense of Self and Humanity in a world where these concepts are withering.

I can't believe people modded this up to +5 at one point?! First off, let me reply to this statement you made:

In the beginning we were innocent and naked and had no privacy, like Adam and Eve in the garden of Eden, naked but for a fig leave each.

If you had actually recounted this Biblical story correctly, you would have known that Adam and Eve were completely naked (no coverings what-so-ever) until they were tempted by Satan, the Devil, the Evil One, Lucifer (whatever you want to call him), and then they sinned by eating from the Tree of the Knowledge of Good and Evil which God told them not to do. He wanted them to not have to know what evil was. It was at this point, when they gained knowledge of good AND evil (before that they only knew good according to the Biblical story), that they realized they were completely naked, became ashamed, and covered themselves with the 'fig leaves', partly because they knew they had done that which God told them not to, hence, they were ashamed.

You are right in saying that privacy is not a right. So why do we want it? Because we all DO have something to hide, because we've ALL made mistakes and are ashamed of them. Or at the very least, we're pretty good, and we don't want other people (like Credit Agencies) making mistakes with our data and ruining our lives.

And as to your other statement: (about as absurd as stating that gun ownership is a 'right').

Of course it's not a right! It's written into the Constitution as a priveledge of our freedom in this country. It's a responsibility to use a gun or firearm properly, and unfortunately, too many people, like you apparently, think that the majority of people who own a gun just don't need it. Tell that to the little old ladies, moms, and dads of this nation who want to protect their families, and themselves, from violent drug addicts trying to rob their homes in the middle of the night.

A short while before this, Arthur Dent had set out from his cabin in search of a cup of tea. It was not a quest he embarked up on with a great deal of optimism, because he knew that the only source of hot drinks on the entire ship was a benighted piece of equipment produced by the Sirius Cybernetics Corporation. It was called a Nutri-Matic Drinks Synthesizer, and he had encountered it before.

It claimed to produce the widest possible ranges of drinks personally matched to the tastes and metabolism of whoever cared to use it. When put to the test, however, it invariably produced a plastic cup filled with a liquid which was almost, but not quite, entirely unlike tea. - The Restaurant at the End of the Universe by Douglas Adams.

*sigh*

I don't want corporations to 'tailor' information to what they think I need to know/have/see based on some randomly, statistically munged informaton they think they 'know' about me.

If the ambulance driver needs to know about my medical history, I'd rather he ask me or my companions, or check my med-id bracelet. If my air bag deploys, I would hope some bystander or person has the presence of mind to call 911 on my behalf rather than wait for my car manufacturer to alert the authorities. If I am driving through a strange city.. chances are I'm not really planning to stop and see a movie. And, if I am then maybe, just maybe, I'm perfectly capable of finding a theater on my own.

All of his arguments sound like lame justifications to track marketing information for the benefit of the corporation, not mine. Which may be fine with me, but I dislike people who try and pick my pockets all the while telling me how much I should appreciate them.

People in America, I have noticed, seem to think that privacy is some sort of fundamental right

And of course, no one in Europe or anywhere else for that matter desire privacy.

Information is power. Information can be used for good. It can also be used for malicious purposes. The question is who do you trust with that power. I do not trust the corporations. Nor do I trust the government.

Since the advent of society, the communication allowed people to disagree. With that came judgment and persecution. While I do not believe that the things that I do are immoral, someone else may. I should not have to suffer under their persecution. Just as you should not have to suffer for being (whatever you are), I should not have to suffer for being a left wing non-religious type. Yet, that is not the way of the world, as people wage their wars of prejudice and try to make other people bend to their will. If my boss found out that I am not a Christian, he might fire me (his being a right wing conservative Christian type who believes that those that think differently than him should be destroyed).

This is not right according to my morals. According to my moral code, a person should be judged on how they do their job... not what creed, nationality, sex, or race they belong to... acording to my moral code, it is none of his business what my religion is.

Perhaps if there were better ways of preserving a persons right to, say, worship whatever god they wanted to... and if everyone agreed to a single moral code, it might be possible to say that privacy is not needed... But I have yet to meet even two people that agree 100% on morality.

The ills that Christians (and yes, it was a religious as well as political party) did to Jewish People during the 2nd world war could have been prevented if the government did not know who the Jewish People were. The lack of this 'silly idea' has cost lives.

I agree that back in the stone age there was no privacy. I also agree that privacy is a social construct. But, so is religion, as religion is an organization. So are words. So are numbers. Everything used to communicate can be categorized as a social construct (and therefor unnatural). If you want to go and live without running water, toilet paper, computers, books (including your bible), and the ability to communicate around the globe... you go right ahead. As for anyone that lives in this social structure, there are real issues to address. Such as privacy.

You're arguing that the GPS suddenly failing is sufficiently important as a consideration that it requires continuously sending your location to a central repository, BUT

You're depending on the continued operation of the vehicle communications system to alert the network to the fact that your airbag deployed?

Why can't the vehicle remember where it was for the last 2 minutes, and only send this information to the network if the airbag goes off (along with the "airbag" message)? This eliminates the issue of surveillance, and the last-received GPS coordinates are going to be just as good in either case.

Oh, yeah. It also deflates the argument for the desirability of Big Brother. Too bad you couldn't spend two seconds thinking about that.--

Take medical records. If you're in an accident, do you want an ambulance driver to be able to access your medical records online? I think you do.

I would prefer that the ambulance driver focuses on the driving rather than trying to access my medical record online.
At least I would have a better chance to be alive when the ambulance arrives in the hospital;-)

Yeah, plus these recommended restaurants/movies/etc will undoubtedly be based on which ones pay the most for advertising.

Ding! <chihuahua>"You are approaching a Taco Bell. Doesn't a delicious Cheesy Gordita Crunch sound good? Perhaps you'd like to wash it down with an ice cold Pepsi."</chihuahua>

Ding! "You are approaching a cineplex. Would you like a ticket for the blockbuster hit, Big Mama's House 4--a witty, lighthearted comedy ('The best movie of the decade' raves Microsoft-Turner-Warner-AOL-MGM-Disney-Sony critic, Jack Razzler). Perhaps you'd like an ice cold Pepsi, a Personal Pan Pizza and a tub of popcorn waiting for you when you arrive."

Just what the world needs. More fucking marketing and homogenization. No thanks.

What he fails to mention is that your preferences are going to be supplemented by paying clients of the personalized services. Sure, your personal area network devices might suggest a nearby restaurant, but you can bet that the restaurant suggested has paid for its favorable placement...
And, even more disturbing, do we want corporations, governments, and more nefarious organizations knowing all about us? Who's to say that data theives, terrorists, over-zealous law enforcement, etc, won't divine ways to steal information about us and use it in ways that are not to our advantage? What if our data suggests we are not supportive of the current regime? Might party appartichs use that info to subvert our influence, attempt to change our minds, or silence us if we become too vocal? What if we want to strike back at tyranny, either corporate or federal through boycotts, protests, our other extreme means in the future? Our prefences, from book selections, to taverns, to affliations might rat us out and lead the protectors of such organizations against us, even before we've raised a finger. Our data is ours; the good of profiling does not outwiegh the potential evil.